cedad52c59
presence: Extract and use get_active_user helper.
...
This adds a new reusable function for fetching just active users.
2018-05-20 19:07:29 -07:00
451b12d0b2
test_home: Fix broken narrow parsing exception test.
2018-05-20 19:06:14 -07:00
44b3aeb08d
home: Improve logging for narrow parsing exceptions.
...
This now includes the request and (and thus the related metadata).
2018-05-20 18:47:43 -07:00
9360af37d4
typing: Remove unnecessary conditional for recipient types.
...
It wasn't actually possible for `recipient_for_emails` to return a
STREAM regardless, and this makes things read a little clearer.
2018-05-20 18:35:48 -07:00
ecdc7fb296
typing: Fix unnecessary else clause for recipient validation.
...
The other cases all return anyway.
2018-05-20 18:27:25 -07:00
06ed55e45a
webpack: Add ALLOWED_HOSTS list for zulipdev.com and friends.
...
This makes it possible to again use the *.zulipdev.com domains in the
development environment.
Ideally, we'd also read REALM_HOSTS to make this more flexible.
2018-05-20 18:12:28 -07:00
ae0a929988
tornado: Ensure that tornado doesn't autoreload into syntax errors.
...
We've for a long time been plagued by run-dev.py needing to be
restarted every time one does a rebase that has merge conflicts,
because the Tornado process restarts itself into a syntax error and
crashes.
This fixes the Tornado autoreload process to check explicitly for
whether files actually syntax-check before trying to actually reload
the Tornado process to run that code.
There are a few things that are a bit janky:
* Ideally, this would go into Tornado upstream
* We removed the `_watched_files` feature, which we weren't using.
* Ideally, we'd use something other than `importlib.reload` that just
does the syntax-check without adjusting the state within our current
process.
Fixes #4351 .
2018-05-20 16:50:10 -07:00
4f4d56b021
tornado: Import autoreload module from upstream Tornado.
...
This allows to patch things directly.
2018-05-20 16:49:17 -07:00
61e124a2ab
models: Create get_source_profile function.
...
This will be used in our upcoming feature to import settings from
other Zulip realms.
2018-05-20 15:30:30 -07:00
74e823f5fa
models: Add function for getting membership realms.
2018-05-20 15:17:19 -07:00
0ff2051982
portico: Add tour section to homepage.
...
This adds a tour of Zulip to the bottom of the homepage.
In order to get the carousel nave, we use Bootstrap 2 from a CDN on
this page; this isn't ideal in the medium term, but upgrading
Bootstrap across the project is too much work for now.
2018-05-20 15:04:23 -07:00
a62e10d9c2
slash-commands: Suppress local echo for slash commands.
2018-05-20 14:42:09 -07:00
afe09071b9
slash-commands: Implement /day and /night.
2018-05-20 14:42:09 -07:00
bdba539480
Rename get_fixed_content_for_widget to do_widget_pre_save_actions.
2018-05-20 14:42:09 -07:00
f8fcbbb672
docs: Update security model docs for new stream history feature.
2018-05-20 14:38:51 -07:00
4f8e09d5af
provision: Fix buggy management of apt_dependencies_hash.
...
Apparently, we were incorrectly appending each new hash onto the end
of the file, basically resulting in every run of provision being
treated as a miss for this cache.
Fixing this saves about 4s (over 1/3) of the no-op provision time.
2018-05-20 14:22:32 -07:00
235002a549
provision: Don't install lsb-release if already installed.
...
This early bootstrapping step should be rearely required, and it saves
about 0.5s in our no-op provision time.
2018-05-20 14:22:32 -07:00
9be3c704f1
register_server: Fix recommendation to run with python 2.
...
Since `python` is usually Python 2, this recommendation failed on most
systems.
2018-05-20 13:16:33 -07:00
12dcabcdbd
docker: Remove need for static_asset_compiler.
...
Now that the way we're installing from Git involving building a
release tarball with a 2-stage build, we no longer need to do this.
2018-05-20 13:15:21 -07:00
d140838831
provision: Bump provision version after dependencies upgrade.
2018-05-20 11:18:59 -07:00
ac7e6b19bd
xmlhttprequest: Upgrade xmlhttprequest to v1.8.0.
2018-05-20 11:11:03 -07:00
62a90661ad
underscore: Upgrade underscore to v1.9.0.
2018-05-20 11:11:03 -07:00
4605579335
typescript: Upgrade typescript to v2.8.3.
2018-05-20 11:11:03 -07:00
38d6654265
tslint: Upgrade tslint to v5.10.0.
2018-05-20 11:11:03 -07:00
a60099a6d5
ts-loader: Upgrade ts-loader to v4.3.0.
2018-05-20 11:11:03 -07:00
0c87ce5b1c
svgo: Upgrade svgo to v1.0.5.
...
It also updated all the svg to be optmized per new version.
This new version, since the last version contains bug fixes and improvement.
Refs: https://github.com/svg/svgo/releases
2018-05-20 11:11:03 -07:00
0d697cd569
String.codePointAt: Upgrade String.codePointAt polyfill to v0.2.1.
2018-05-20 11:11:03 -07:00
4091815721
moment-timezone: Upgrade moment-timezone to v0.5.17.
...
Refs: https://github.com/moment/moment-timezone/blob/master/changelog.md
2018-05-20 11:11:03 -07:00
506b23237a
jquery-validation: Upgrade jquery-validation to v1.17.0
...
Refs: https://github.com/jquery-validation/jquery-validation/releases/tag/1.17.0
2018-05-20 11:11:03 -07:00
11d819ee3d
clipboard: Upgrade clipboard to v2.0.1.
2018-05-20 11:11:03 -07:00
9c4a189781
moment: Upgrade moment to v2.22.1.
...
This version since the last version contains bug fixes and locale improvements.
Ref: https://github.com/moment/moment/blob/develop/CHANGELOG.md#2221-see-full-changelog
2018-05-20 11:11:03 -07:00
778742a189
jsdom: Upgrade jsdom to v11.10.0.
...
This also updates node_tests to use new constructor which is uppercase,
and some properties that are changed to be more clear now, like
jsdom().defaultView which is meant to the window object is now called window.
Ref: https://github.com/jsdom/jsdom/blob/master/Changelog.md
2018-05-20 11:11:03 -07:00
00151f988a
handlebars: Upgrade handlebars to v4.0.11.
...
This version only contains bugfixes. No breaking changes have been introduced.
Ref: https://github.com/wycats/handlebars.js/blob/master/release-notes.md#v4011---october-17th-2017
2018-05-20 11:11:03 -07:00
7b40f8d50d
flatpickr: Upgrade flatpickr to v4.5.0.
...
This new version is a lot ahead that what we now have currently.
Reading through the changelog there does not seem to any breaking
changes, just that this package have been updated a lot.
Ref: https://github.com/flatpickr/flatpickr/releases
2018-05-20 11:11:03 -07:00
f02c2349b8
@types/webpack: Upgrade @types/webpack to v4.4.0.
...
This updates the webpack typescript type defenations to latest so we
can find bugs with webpack configurations.
2018-05-20 11:11:03 -07:00
bcfc34c996
webpack-cli: Upgrade webpack-cli to v2.1.3.
...
This version just contains bugs fixes and regressions covered.
Ref: https://github.com/webpack/webpack-cli/releases/tag/2.1.3
2018-05-20 11:11:03 -07:00
50b663906a
nyc: Upgrade nyc to v11.8.0.
...
This fixes a one vulnerability with this package's dependency.
randomatic - Cryptographically Weak PRNG
Ref: https://nodesecurity.io/advisories/157
2018-05-20 11:11:03 -07:00
19ba08e055
webpack-dev-server: Upgrade webpack-dev-server to v3.1.4.
2018-05-20 11:11:03 -07:00
74b0a73260
phantomjs-prebuilt: Upgrade phantomjs-prebuilt to 2.1.16.
...
This solves 8 vulnerabilities, in its dependencies.
conacat-stream - Memory Exposure
Ref: https://nodesecurity.io/advisories/597
hoek - Prototype Pollution
Ref: https://nodesecurity.io/advisories/566
tunnel-agent - Memory Exposure
Ref: https://nodesecurity.io/advisories/598
debug - Regular Expression Denial of Service
Ref: https://nodesecurity.io/advisories/534
stringstream - Out-of-bounds Read
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
b9d49c846e
webpack: Upgrade webpack to v4.8.3.
2018-05-20 11:11:03 -07:00
6f4fc628e6
node-sass: Upgrade node-sass to v4.9.0.
...
This resolves 12 vulnerabilities.
Following were the issue with the dependencies of node-sass.
hoek - Prototype Pollution
Ref: https://nodesecurity.io/advisories/566
tunnle-agent - Memory Exposure issue
Ref: https://nodesecurity.io/advisories/598
stringstream - Out-of-bounds read
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
b376629974
ploty.js: Upgrade ploty.js to v1.37.1.
...
This solves 14 security venrubilities in the ploty.js's dependencies.
This was found by using the `npm audit` tool which can analyse dependencies
of dependencies issues.
static-eval - Sandbox Breakout / Arbitrary Code Execution
Ref: https://nodesecurity.io/advisories/548
hoek - Prototype pollution
Ref: https://nodesecurity.io/advisories/566
stringstream - Memory Exposure issue
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
fa9d79e203
stats: Add 1 day actives and total users to number of users chart.
2018-05-20 10:56:16 -07:00
5ddc6c21e9
stats: Clean up line spacing in populate_number_of_users in stats.js.
...
We use this compressed form in our other layout definitions. Makes it easier
to visually digest.
2018-05-20 10:56:16 -07:00
66a589c7a7
stats: Extend get_chart_data to support charts with multiple CountStats.
2018-05-20 10:56:16 -07:00
08bf0a66b8
stats: Refactor the get_time_series_by_subgroup calls in get_chart_data.
...
This code is going to end up pretty complex -- each stat has multiple levels
of aggregation (UserCount, RealmCount, InstallationCount), and refinement
(subgroups), and soon we'll have charts that take data from multiple stats
as input.
Not sure what the best way to present it is, but hopefully this simplifies
it a bit.
2018-05-20 10:56:16 -07:00
26decb4c48
stats: Add 1day_actives::day CountStat to analytics tables.
2018-05-20 10:56:16 -07:00
3dcde1c139
webhooks/mention: Update docs to conform to style guide.
...
This one took quite a while too. The interaction between Mention
and Zapier is kinda weird and the Zapier instructions are pretty
complicated.
2018-05-20 10:54:13 -07:00
2f93c16df2
webhooks/slack: Update docs to conform to style guide.
2018-05-20 10:54:13 -07:00
257d0f5537
webhooks/statuspage: Update docs to conform to style guide.
2018-05-20 10:54:13 -07:00
Tim Abbott
Vishnu Ks
Max Nussenbaum
Joshua Pan
Priyank Patel
Nikhil Kumar Mishra
Rishi Gupta
Eeshan Garg